Please see this forum post for an explanation of the categories used in this report
ASL users
Summary: No update required, you are already immune from all vulnerabilities/CVEs below
Already protected against/Known Method/No update required
XSS Vulnerability in BulletProof Security Version .52.4
PHPIPAM 1.1.010 CSRF / XSS / SQL Injection
HttpFileServer 2.3.x Remote Command Execution (When protected by the ASL WAF)
WordPress NextGEN Gallery 2.1.15 Cross Site Scripting / Path Traversal
Easy News Pro 1.5 Bypass / SQL Injection / File Upload
CVE-2015-8508 (XSS in Bugzilla)
CVE-2015-8398
CVE-2015-8399
phpMyAdmin Installation Path Information Disclosure Vulnerability
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesn't protect against/Solution
None.
Potential Vulnerability/Solution
None.
Rules only users
Summary: No action required unless using HttpFileServer 2.3.x.
Already protected against/Known Method/No update required
XSS Vulnerability in BulletProof Security Version .52.4
PHPIPAM 1.1.010 CSRF / XSS / SQL Injection
WordPress NextGEN Gallery 2.1.15 Cross Site Scripting / Path Traversal
Easy News Pro 1.5 Bypass / SQL Injection / File Upload
CVE-2015-8508 (XSS in Bugzilla)
CVE-2015-8398
CVE-2015-8399
phpMyAdmin Installation Path Information Disclosure Vulnerability
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesn't protect against/Solution
None.
Potential Vulnerability/Solution
HttpFileServer 2.3.x Remote Command Execution (when the server is protected behind a WAF running the real-time rules, this vulnerability is addressed).